I am trying to get WinSCP 5.21.6 to use RSA-SHA2. I have moved up the RSA algorithms in Advanced -> SSH -> Key Exchange tab for the session properties.
It still will only connect at ssh-rsa 2048. I have cleared keys, but it didn't change anything.
Is there a way to force/limit/select which protocols I want to use in the client?
Are you sure you mean the KEX and not a host key algorithm?
The host key algorithm cannot be configured in WinSCP GUI. You have to use Hostkey raw session setting:
https://winscp.net/eng/docs/rawsettings#hostkey
I'm confused. It's the client that picks the algorithm, not the server. And I'm not aware of "RSA SHA512" KEX. Are you really sure this is about "KEX exchange" and not "host key"?
How exactly is the server "server is set up to accept SSH RSA, RSA SHA256, and RSA SHA512"? What server is that?